GSD-2022-1004710 cgroup: Use separate src/dst nodes when preloading css_sets for migration

cgroup: Use separate src/dst nodes when preloading csssets for migration This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.207 by commit...

GSD-2022-1004197 cgroup: Use separate src/dst nodes when preloading css_sets for migration

cgroup: Use separate src/dst nodes when preloading csssets for migration This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.13 by commit...

Improper access control

Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user,...

CVE-2021-31847

The CVE-2021-31847 issue affects McAfee Agent for Windows prior to 5.7.4. It is an improper access control flaw in the repair process that could let a local attacker perform a DLL preloading attack using unsigned DLLs. This stems from not properly protecting a temporary directory used during repa...

CVE-2021-31847 Improper privilege management in repair process of MA for Windows

Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloading attack using unsigned DLLs. This would result in elevation of privileges and the ability to execute arbitrary code as the system user,...

PT-2021-19548 · Mcafee · Mcafee Agent For Windows

Name of the Vulnerable Software and Affected Versions: McAfee Agent for Windows versions prior to 5.7.4 Description: The issue is related to improper access control in the repair process, allowing a local attacker to perform a DLL preloading attack using unsigned DLLs. This results in elevation o...

Mcafee McAfee Agent 安全漏洞

Mcafee McAfee Agent MA is a McAfee client component that provides secure communication between ePolicy Orchestrator antivirus management platform and managed products. A security vulnerability exists in the repair process in McAfee Agent for Windows versions prior to 5.7.4, which stems from not...

CVE-2021-3633

A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation...

CVE-2021-3633

A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation...

Privilege escalation

A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation...

CVE-2021-3633

CVE-2021-3633 affects Lenovo Driver Management. A DLL preloading vulnerability in Lenovo Driver Management prior to version 2.9.0719.1104 could allow privilege escalation. Affected component: Lenovo Driver Management (Windows). Root cause: DLL preloading. Impact: privilege escalation if exploited...

CVE-2021-3633

A DLL preloading vulnerability was reported in Lenovo Driver Management prior to version 2.9.0719.1104 that could allow privilege escalation...

Lenovo Driver Management 代码问题漏洞

Lenovo Driver Managemen is a Lenovo power management driver for Windows 10, 8.1, 8, 7 32-bit, 64-bit from Lenovo China. A security vulnerability exists in Lenovo Driver Management, which stems from a DLL preloading vulnerability in Lenovo Driver Management prior to version 2.9.0719.1104 that allo...

McAfee Agent 5.x prior to 5.7.3 Multiple Vulnerabilities (SB10362)

The version of McAfee Agent, formerly McAfee ePolicy Orchestrator ePO Agent, installed on the remote host is 5.x prior to 5.7.3. It is, therefore, affected by the following vulnerabilities: - An improper privilege management vulnerability exists due to a local user having the ability to edit the...

McAfee Agent Code Issue Vulnerability (CNVD-2021-49069)

The McAfee McAfee Agent MA is a set of client components from McAfee, Inc. that provides secure communications between ePolicy Orchestrator the antivirus management platform and managed products. A security vulnerability exists in McAfee Agent in versions prior to 5.7.3. The vulnerability stems...

Vulnerabilities fixed in McAfee Agent for Windows

Vulnerabilities have been fixed in McAfee Agent for Windows. A malicious party could potentially exploit the vulnerability with CVE attribute CVE-2021-31840 potentially exploit it to execute arbitrary code with elevated privileges via a "DLL preloading" attack. The vulnerability with CVE attribut...

CVE-2021-31840

A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid...

CVE-2021-31840

A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid...

Code injection

A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid...

CVE-2021-31840

CVE-2021-31840 affects McAfee Agent for Windows prior to 5.7.3, where the DLL preloading mechanism allows a local, authenticated attacker to load unsigned DLLs, gain elevated privileges, and execute arbitrary code. The issue is tied to the preloading path of specific DLLs within McAfee Agent; Red...